Sla.ckers.org
Q and A on cross-site request forgeries and breaking into sessions. It's one of the attacks that XSS enables and the attack of the future. For session fixation, hijacking, lockout, replay, session riding, etc.
An easy way to avoid GIFARs, etc?
Posted by: exesteam
Date: May 18, 2009 01:27PM

Hi,

I'm wondering if it's enough if I transfer my files through my dedicated IP?

For example, my site is site.com and IP is 1.2.3.4, so I would transfer my files through http://1.2.3.4/file.gif

Would this be safe? I know that a different domain will do, but what about using an IP?

And what about subdomains?

Of course I need to make sure that the site is indeed loaded as http://1.2.3.4 and not site.com in order to allow the data transfer. (and when people login to my site or whenever they create cookies I make sure the cookies are for site.com and not http://1.2.3.4)

Does this sound reasonable?

Re: An easy way to avoid GIFARs, etc?
Posted by: nEUrOO
Date: May 26, 2009 01:31PM

Not sure I get what you're saying here... But GIFARs are when people are able to upload a file to your server (basically, a GIF that will be interpreted as a JAR applet later on, when rendered by the browser).

Is this your case? If so, why IP restriction? Am I missing something?

nEUrOO -- http://rgaucher.info -- http://twitter.com/rgaucher

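As an added illustration of what nEUrOO describes (example code written for this page, not from the thread or any project): a GIFAR works because a GIF is parsed from the front while a ZIP/JAR is located from the End Of Central Directory record at the back, so one file can satisfy both readers. The block builds such a polyglot with the standard library, then shows an upload check that walks the GIF block structure and rejects any bytes after the 0x3B trailer. The 1x1 GIF bytes and the archive member name `Evil.class` are constructed for the demo.

```python
"""GIFAR polyglot: build one, then detect it on upload.

Added example for this thread, not code from the forum or any project.
A GIFAR is a single file that is a valid GIF when parsed from the front
and a valid ZIP/JAR when parsed from the End Of Central Directory record
at the back, which is where both zipfile and Java's JarFile start.
The 1x1 GIF bytes and the archive member name below are constructed.
"""
import io
import zipfile

# Constructed: a minimal 35-byte 1x1 GIF89a (header, logical screen
# descriptor, 2-colour global table, image descriptor, LZW data, trailer).
TINY_GIF = (
    b"GIF89a\x01\x00\x01\x00\x80\x00\x00"        # header + screen descriptor
    b"\x00\x00\x00\xff\xff\xff"                   # global colour table
    b"\x2c\x00\x00\x00\x00\x01\x00\x01\x00\x00"   # image descriptor
    b"\x02\x02\x44\x01\x00"                       # LZW min code size + data
    b"\x3b"                                       # trailer
)


def make_gifar(gif, members):
    """Append a ZIP archive holding `members` (name -> bytes) to `gif`."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        for name, data in members.items():
            zf.writestr(name, data)
    return gif + buf.getvalue()


def gif_payload_end(data):
    """Walk the GIF block structure; return the offset just past the 0x3B
    trailer. Raises ValueError (or IndexError) on malformed input."""
    if data[:6] not in (b"GIF87a", b"GIF89a") or len(data) < 13:
        raise ValueError("not a GIF")
    pos = 13                                  # header + logical screen descriptor
    if data[10] & 0x80:                       # global colour table present
        pos += 3 * (2 << (data[10] & 0x07))

    def skip_sub_blocks(p):
        # Data sub-blocks: length byte, payload, ... until a zero length.
        while data[p] != 0:
            p += 1 + data[p]
        return p + 1

    while True:
        block = data[pos]
        if block == 0x3B:                     # trailer: end of image
            return pos + 1
        if block == 0x21:                     # extension: introducer, label, sub-blocks
            pos = skip_sub_blocks(pos + 2)
        elif block == 0x2C:                   # image descriptor (10 bytes)
            local_flags = data[pos + 9]
            pos += 10
            if local_flags & 0x80:            # local colour table present
                pos += 3 * (2 << (local_flags & 0x07))
            pos = skip_sub_blocks(pos + 1)    # +1 skips the LZW minimum code size
        else:
            raise ValueError("unexpected block 0x%02x at offset %d" % (block, pos))


def classify_upload(data):
    """Accept only a GIF that ends exactly at its trailer."""
    try:
        end = gif_payload_end(data)
    except (ValueError, IndexError) as exc:
        return "reject: malformed GIF (%s)" % exc
    trailing = data[end:]
    if not trailing:
        return "accept"
    if b"PK\x05\x06" in trailing or zipfile.is_zipfile(io.BytesIO(data)):
        return "reject: ZIP/JAR appended to GIF (GIFAR)"
    return "reject: %d bytes after GIF trailer" % len(trailing)


if __name__ == "__main__":
    gifar = make_gifar(TINY_GIF, {"Evil.class": b"\xca\xfe\xba\xbe"})  # constructed
    print(classify_upload(TINY_GIF))              # accept
    print(classify_upload(gifar))                 # reject: ZIP/JAR appended to GIF (GIFAR)
    print(zipfile.is_zipfile(io.BytesIO(gifar)))  # True: the tail still parses as a ZIP
```

Truncating at `gif_payload_end(data)` is the sanitising form of the same check, but it only covers data appended after the trailer; re-encoding the image server-side is the more general defence, and serving uploads from a separate origin (as discussed below in the thread) limits what a missed polyglot can reach.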
Re: An easy way to avoid GIFARs, etc?
Posted by: barbarianbob
Date: May 26, 2009 02:50PM

Do you mean like this:

Site is site.com. IP of site is 1.2.3.4
site.com/images/* redirects to 1.2.3.4/images/*
1.2.3.4/anythingElse redirects to site.com/anythingElse
So that when the user is viewing an image, they're visiting 1.2.3.4, and when they're doing anything else, it's on site.com

I don't see any problem with that. document.domain would be different, so the bad guys wouldn't be able to access cookies or xss.

Re: An easy way to avoid GIFARs, etc?
Posted by: exesteam
Date: July 08, 2009 09:24AM

Hi barbarianbob, that's exactly what I meant. Thanks. One question: is sub.domain.com different from domain.com? (Provided that the cookie is strictly created for domain.com and not for subdomains, or are there some problems?)

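An added example covering both barbarianbob's redirect scheme and the subdomain question just asked (written for this page, not from the thread or any project). Host names are the thread's placeholders, `/images/` is the assumed upload prefix, and the RFC 6265 cookie rule is applied in simplified form, ignoring Path and Secure.

```python
"""Split-origin hosting for uploads, and which hosts a cookie reaches.

Added example for this thread, not code from the forum or any project.
Assumed names: SITE = "site.com" (the application), UPLOAD_HOST = "1.2.3.4"
(the dedicated IP from the thread), UPLOAD_PREFIX = "/images/". route()
implements the redirect rule in barbarianbob's reply; cookie_is_sent()
applies the RFC 6265 domain-matching rule to the subdomain question.
"""
import ipaddress
import posixpath

SITE = "site.com"
UPLOAD_HOST = "1.2.3.4"
UPLOAD_PREFIX = "/images/"


def _is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def route(host, path):
    """Return ("serve", path) or ("redirect", url).

    User-supplied files are served only under UPLOAD_PREFIX on UPLOAD_HOST
    and the application only on SITE, so an uploaded polyglot (GIFAR) never
    runs in the application's origin. The path is normalised first so that
    /images/../login is treated as /login, not as an upload."""
    host = host.split(":", 1)[0].lower()                  # drop any port
    path = posixpath.normpath("/" + path.lstrip("/"))
    is_upload = path.startswith(UPLOAD_PREFIX)
    if host == UPLOAD_HOST:
        if is_upload:
            return ("serve", path)
        return ("redirect", "http://%s%s" % (SITE, path))
    if host == SITE:
        if is_upload:
            return ("redirect", "http://%s%s" % (UPLOAD_HOST, path))
        return ("serve", path)
    return ("redirect", "http://%s/" % SITE)              # unknown Host header


def session_cookie_header(host, value):
    """Set-Cookie value for the session cookie, or None on the upload host.

    No Domain attribute: a host-only cookie, sent back to site.com alone.
    Adding Domain=site.com would also send it to every subdomain."""
    if host.split(":", 1)[0].lower() != SITE:
        return None
    return "sess=%s; Path=/; HttpOnly" % value


def cookie_is_sent(cookie_host, domain_attr, request_host):
    """RFC 6265 scoping (path and scheme assumed to match).

    domain_attr None       -> host-only cookie: only the exact host that set it.
    domain_attr "site.com" -> site.com and every subdomain, never an IP host."""
    request_host = request_host.lower()
    if domain_attr is None:
        return request_host == cookie_host.lower()
    domain = domain_attr.lower().lstrip(".")              # leading dot is ignored (5.2.3)
    if _is_ip(request_host):                              # IPs only match themselves
        return request_host == domain
    return request_host == domain or request_host.endswith("." + domain)


if __name__ == "__main__":
    print(route("1.2.3.4", "/images/a.gif"))                 # ('serve', '/images/a.gif')
    print(route("site.com", "/images/a.gif"))                # redirect to 1.2.3.4
    print(route("site.com", "/images/../login"))             # ('serve', '/login')
    print(cookie_is_sent("site.com", None, "sub.site.com"))  # False: host-only
    print(cookie_is_sent("site.com", "site.com", "sub.site.com"))  # True
```

The cookie part is the answer a practitioner wants before relying on a subdomain: with no Domain attribute the cookie is host-only and sub.site.com never receives it, but the moment the application sets `Domain=site.com` every subdomain does, so a subdomain is a separate origin for script but not for such cookies. The IP host gets no session cookie at all, which is what the split relies on.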
Re: An easy way to avoid GIFARs, etc?
Posted by: Natalyah44
Date: August 27, 2009 10:12PM

Welcome to the site, thank you for supporting the site. It's people like you who read and try things yourself that make our lives a bit easier. Thank you.



Edited 1 time(s). Last edit at 08/28/2009 02:54PM by thrill.

Re: An easy way to avoid GIFARs, etc?
Posted by: thrill
Date: August 27, 2009 10:49PM

@Natalyah44

Yes! I agree that the moon location correlates with the position of the parabolic antennae in conjunction with how much curry powder is consumed that specific day in Boise, Idaho. Amazing isn't it?

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill

Re: An easy way to avoid GIFARs, etc?
Posted by: thrill
Date: August 28, 2009 02:55PM

hahaha.. id pointed me to the hidden text included in natalyah's message:

[url=http://spam.xxx][color=#FFFFFF][u]car buyback simulation, auto loan, rate calculation, car credit[/u][/url][/color][color=#FFFFFF]An instant and easy car loan simulation here if you have a car[/color][url=http://spam.xxx][color=#FFFFFF][u]car buyback simulation, auto loan, rate calculation, car credit[/u][/color]

--thrill

---

It is not the degrees you hold, but the mind you possess. - thrill



Edited 1 time(s). Last edit at 08/28/2009 03:12PM by thrill.
